SecurityWeek

RSA Unveils Security Operations Center Solution

RSA unveiled a new solution on Tuesday that is designed to help security teams detect and stop threats that could ultimately lead to an organizational data breach.

Called the RSA Advanced Security Operations Center (SOC) Solution, the offering is an integrated set of technologies and services that can provide SIEM, Network Forensics, and Endpoint threat protection.

“Combining security information and event management (SIEM), full packet capture network forensics and endpoint threat detection capabilities, the RSA Advanced SOC Solution is designed to help security teams quickly spot attacks that often go unnoticed by stand-alone log-centric SIEM, and traditional perimeter-based security tools, including anti-virus, firewalls and intrusion prevention systems,” the security division of EMC explained in an announcement.

Integrating technologies from RSA Security Analytics, RSA ECAT and RSA Archer Security Operations Management, along with training and services from RSA, the new offering addresses compliance and security requirements in one platform.

The RSA Advanced SOC Solution is engineered to collect detailed network, system and endpoint data, both to enable timely incident detection and to let security analysts pivot instantly from suspected compromises to deep incident forensics and understand the true nature and scope of the issue, RSA said.

According to the company, more than 400 network and log parsers perform capture-time analysis of every log and network session to identify key threat indicators and extract metadata to help security analysts discover the most important issues.

In terms of SIEM capabilities, RSA says the solution can collect and parse more than 250 event sources, leverages more than 275 “out-of-the-box correlation rules” and comes with roughly 100 report templates.

For incident response, the solution provides aggregated alerts across data sources to pinpoint threats and help security teams quickly launch an investigation.

“Providing visibility far beyond logs, the RSA Advanced SOC Solution also is engineered to correlate network packets, NetFlow, and endpoint data to provide visibility far beyond stand-alone SIEM, helping to eliminate blind spots and assisting in faster remediation of threats while meeting compliance requirements,” RSA said.

RSA explained that the new solution, designed to scale and adapt to customers’ current needs, was developed to investigate and analyze suspicious endpoint activity and determine how widely any detected malware has spread through the enterprise.

Without the use of signatures, RSA ECAT helps detect malware and other threats that may have gone undiscovered by other anti-virus technologies.

“Many organizations are struggling to balance security and business risk with new technology demands. As next-generation technologies like cloud and mobile evolve into the norm, security tools and defensive techniques must keep pace protecting from the expanded risks,” Jon Oltsik, Senior Principal Analyst, ESG, said in a statement.

“Solutions that provide a more detailed view into what is happening on the network and also help prioritize security events can give organizations a significant time advantage to remediate the most pressing issues quickly.”

“SIEM technologies help meet compliance requirements and offer basic detection levels – but only for logs. Next-generation firewalls and malware detection tools provide greater visibility, but often without the analytics and incident response needed to turn raw data into actionable intelligence,” Amit Yoran, Senior Vice President at RSA, said.

“The truth is most organizations today ARE under relentless attack and they lack the tools to fight back effectively,” Grant Geyer, Vice President, Security Analytics at RSA, wrote in a blog post. “Security teams desperately need a new plan of attack – one that tips the scale back in their favor. RSA ASOC Solution is a powerful weapon that does just that by helping to improve visibility, analytical firepower and ability to take action.”

The RSA Advanced Security Operations Center Solution is scheduled to be available in Q3 2014.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.
